NOTE: Maybe this isn't the proper place to discuss this, but I couldn't find a better place. If there is, please point me to it
I've been trying to get Claude connected to the Remote MCP server for BigQuery. I managed to get it going, but:
- Google Auth Platform doesn't support Dynamic Client Registration or CIMD
- so I had to create an oAuth 2.0 Client ID under
Google Auth Platform > Clients of type Web Application first (in order to be able to set the redirect url's for Claude)
- and then had to configure the oAuth Client ID and Secret in the custom connector inside Claude
Besides this being a bit cumbersome (and carefully reading several documents), the issues I have are these:
- Having to pre-register an oAuth client and share the Client ID AND Secret with all my users that want/need to connect
- The fact that the secret needs to be shared with all users makes is not really a secret anymore
- No distinction serverside between which AI tool was used (unless I create different oAuth clients and my users use the proper one for each tool they use)
- No way for me as 'admin' to control which tools are being used
The solution? If Google Auth Platform would support CIMD all issues would go away
- no manual registration of clients
- no sharing of secrets (or even client ids) to users, just a single URL would be sufficient
- clear attribution of access to the correct client
- if added, I could whitelist allowed clients based on their url
NOTE: Maybe this isn't the proper place to discuss this, but I couldn't find a better place. If there is, please point me to it
I've been trying to get Claude connected to the Remote MCP server for BigQuery. I managed to get it going, but:
Google Auth Platform > Clientsof typeWeb Applicationfirst (in order to be able to set the redirect url's for Claude)Besides this being a bit cumbersome (and carefully reading several documents), the issues I have are these:
The solution? If Google Auth Platform would support CIMD all issues would go away